SHOW:
|
|
- or go back to the newest paste.
| 1 | [admin@MikroTik] > /export | |
| 2 | # jul/30/2017 01:25:15 by RouterOS 6.41rc3 | |
| 3 | # software id = B4SW-VDRD | |
| 4 | # | |
| 5 | # model = 951Ui-2HnD | |
| 6 | # serial number = 5581040CB71C | |
| 7 | /interface lte | |
| 8 | set [ find ] apn="" disabled=yes mac-address=58:2C:80:13:92:63 name=lte1 | |
| 9 | /interface bridge | |
| 10 | add admin-mac=4C:5E:0C:E0:54:EE arp=proxy-arp auto-mac=no comment="created from master port" igmp-snooping=no mtu=1500 name=br1-lan \ | |
| 11 | protocol-mode=none | |
| 12 | /interface ethernet | |
| 13 | set [ find default-name=ether1 ] name=eth1-wan | |
| 14 | set [ find default-name=ether2 ] name=eth2-lan | |
| 15 | set [ find default-name=ether3 ] name=eth3-lan | |
| 16 | set [ find default-name=ether4 ] name=eth4-lan | |
| 17 | set [ find default-name=ether5 ] name=eth5-lan | |
| 18 | /interface pppoe-client | |
| 19 | add add-default-route=yes disabled=no interface=eth1-wan name=tap1-wan password=xxx user=xxx | |
| 20 | /interface pptp-server | |
| 21 | add name=pptp-in1 user=vpn | |
| 22 | /interface wireless security-profiles | |
| 23 | add authentication-types=wpa-psk,wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=wpa2-protect \ | |
| 24 | supplicant-identity="" wpa-pre-shared-key=xxx wpa2-pre-shared-key=xxx | |
| 25 | /interface wireless | |
| 26 | set [ find default-name=wlan1 ] band=2ghz-b/g/n disabled=no frequency=auto mode=ap-bridge security-profile=wpa2-protect ssid=omgwtfbbq \ | |
| 27 | wireless-protocol=802.11 | |
| 28 | /interface wireless nstreme | |
| 29 | set wlan1 enable-polling=no | |
| 30 | /ip pool | |
| 31 | add name=dhcp-pc ranges=10.0.0.2-10.0.0.50 | |
| 32 | /ip dhcp-server | |
| 33 | add address-pool=dhcp-pc disabled=no interface=br1-lan lease-time=8h name=dhcp-pc | |
| 34 | /interface bridge port | |
| 35 | add bridge=br1-lan interface=wlan1 | |
| 36 | add bridge=br1-lan interface=eth2-lan | |
| 37 | add bridge=br1-lan interface=eth3-lan | |
| 38 | add bridge=br1-lan interface=eth4-lan | |
| 39 | add bridge=br1-lan interface=eth5-lan | |
| 40 | /interface pptp-server server | |
| 41 | set enabled=yes | |
| 42 | /ip address | |
| 43 | add address=10.0.0.1/24 interface=br1-lan network=10.0.0.0 | |
| 44 | /ip dhcp-server lease | |
| 45 | add address=10.0.0.100 client-id=1:14:da:e9:df:e2:7a mac-address=14:DA:E9:DF:E2:7A server=dhcp-pc | |
| 46 | add address=10.0.0.99 client-id=1:0:26:2d:84:82:13 mac-address=00:26:2D:84:82:13 server=dhcp-pc | |
| 47 | /ip dhcp-server network | |
| 48 | add address=10.0.0.0/24 dns-server=10.0.0.1 gateway=10.0.0.1 netmask=24 ntp-server=10.0.0.1 | |
| 49 | /ip dns | |
| 50 | set allow-remote-requests=yes servers=77.88.8.8 | |
| 51 | /ip dns static | |
| 52 | add address=192.168.88.1 name=router.lan | |
| 53 | /ip firewall filter | |
| 54 | add action=accept chain=input dst-port=1723 protocol=tcp | |
| 55 | add action=accept chain=input protocol=gre | |
| 56 | add action=accept chain=input protocol=icmp | |
| 57 | add action=accept chain=input connection-state=new dst-port=80,8291,22 in-interface=br1-lan protocol=tcp src-address=10.0.0.0/24 | |
| 58 | add action=accept chain=input connection-mark=allow_in connection-state=new dst-port=80 in-interface=tap1-wan protocol=tcp | |
| 59 | add action=accept chain=input connection-state=established,related | |
| 60 | add action=accept chain=input connection-state=new dst-port=53,123 in-interface=br1-lan protocol=udp src-address=10.0.0.0/24 | |
| 61 | add action=accept chain=forward connection-state=established,new in-interface=br1-lan out-interface=tap1-wan src-address=10.0.0.0/24 | |
| 62 | add action=accept chain=forward connection-state=established,related dst-address=10.0.0.0/24 in-interface=tap1-wan out-interface=\ | |
| 63 | br1-lan | |
| 64 | add action=accept chain=output connection-state=!invalid | |
| 65 | add action=drop chain=input | |
| 66 | add action=drop chain=output | |
| 67 | add action=drop chain=forward | |
| 68 | /ip firewall mangle | |
| 69 | add action=mark-connection chain=prerouting connection-state=new dst-port=9999 in-interface=tap1-wan new-connection-mark=allow_in \ | |
| 70 | passthrough=yes protocol=tcp | |
| 71 | /ip firewall nat | |
| 72 | add action=masquerade chain=srcnat out-interface=tap1-wan src-address=10.0.0.0/24 | |
| 73 | add action=redirect chain=dstnat dst-port=9999 protocol=tcp to-ports=80 | |
| 74 | /ip firewall service-port | |
| 75 | set sip disabled=yes | |
| 76 | /ip route | |
| 77 | add distance=1 dst-address=10.0.1.0/24 gateway=10.0.0.250 | |
| 78 | /ip upnp | |
| 79 | set enabled=yes | |
| 80 | /ppp secret | |
| 81 | add local-address=10.0.0.1 name=vpn password=xxx remote-address=10.0.0.250 service=pptp | |
| 82 | /system clock | |
| 83 | set time-zone-autodetect=no time-zone-name=Europe/Astrakhan | |
| 84 | #error exporting /system routerboard mode-button | |
| 85 | [admin@MikroTik] > |
